CVE-2026-33583
Severity CVSS v4.0:
Pending analysis
Type:
CWE-749
Exposed Dangerous Method or Function
Publication date:
13/05/2026
Last modified:
14/05/2026
Description
Exposure of the QKEY (used as <br />
input into the ‘OTA-Quantum’ device registration process) and internal <br />
system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform.<br />
<br />
This issue affects Symmetric Key Agreement Platform: before 26.03.
Impact
Base Score 3.x
8.70
Severity 3.x
HIGH



